REMARKS 

Introduction 

Claims 1, 7, 21, 26, 30 and 31 have been amended. The application continues 
to include claims 1 -9 and 21 -31 . 

Applicants thank the Examiner for taking the time to conduct a personal interview 
with the Applicants' representative on August 18, 2009. The substance of the interview 
is reflected in this Amendment. Reconsideration of the rejection of the application is 
respectfully requested in view of the claim amendments and the following remarks. 

The Claims are Allowable because the Prior Art Fails to Disclose Using an 
Accumulated Reversing Delta to Reconstruct a Previously Enforced 
Security Policy 

Claims 1, 2, 5, 7, 8 and 21-31 are rejected under 35 U.S.C. §1 03(a) as being 
unpatentable over Brownlie et al., U.S. Patent No. 6,202,157 ("Brownlie") in view of 
Donohue, U.S. Patent No. 6,1 99,204 and further in view of Chamberlain, U.S. Patent 
No. 6,438,749, or in alternative, further in view of De Meno et al., U.S. Publication No. 
2001/0029517 ("De Meno"). Claim 6 is rejected under 35 U.S.C. §§1 03(a) as being 
unpatentable over Brownlie in view of Donohue and Chamberlain, or in alternative, De 
Meno and further in view of Wang, U.S. Pat. No. 5,956,521 . Claims 3, 4 and 9 are 
rejected under 35 U.S.C. §1 03(a) as being unpatentable over Brownlie in view of 
Donohue and Chamberlain, or in alternative, De Meno and further in view of Trcka et 
al., U.S. Publication No. 2001/0039579 ("Trcka") and Microsoft Press, Computer 
Dictionary, 3rd Edition (1997). Reconsideration of the rejections is respectfully 
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requested because the prior art fails to disclose using an accumulated reversing delta to 
reconstruct a previously enforced security policy. 

One embodiment of the present invention is a system 100 for maintaining 
security in a distributed computing environment. The system includes a policy manager 
112 coupled to a network 114 with a database 218 for storing a security policy that 
includes a plurality of rules that control user access to applications. See e.g., H [0046]; 
Figs. 1 and 2. The system further includes a security engine 310 located on a client 
coupled to the network which stores a set of rules constituting a local customized 
security policy received through the network and enforces the local customized security 
policy with respect to an application at the client. See e.g., U [0074]. The security policy 
is updated by recording a series of incremental changes to the security policy, 
determining which of the incremental changes are applicable to the security engine, 
computing an accumulated delta that reflects the series of incremental changes 
applicable to the security engine and sending the accumulated delta to the security 
engine from the policy manager so that the security engine uses the accumulated delta 
to update the local customized security policy. See e.g., If [0094]. A previously 
enforced version of the local customized security policy is reconstructed by generating 
an accumulated reversing delta at the policy manager and sending the accumulated 
reversing delta to the security engine, the accumulated reversing delta comprises a 
sequence of incremental changes in a reverse order. See e.g., If [0106]. Therefore, a 
security policy can be easily rolled back and network congestion time and distribution 
time is reduced. 
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None of the prior art discloses a similar method of rolling back to a previous 
security policy. For example, Chamberlain discloses a method for restoring a computer 
to its original state after an unsuccessful patch installation attempt. Chamberlain 
discloses that an installer program module can create one or more "inverse records" or 
"patch rollback script records". See Chamberlain at col. 1 1 , II. 33-40. The patch 
rollback script record "typically includes instructions on how to delete the installed patch 
installation data of the patch installation script record". See Chamberlain at col. 1 1 , 1. 67 
- col. 12, 1. 3. Therefore, Chamberlain fails to disclose an accumulating reverse delta 
that is merely a sequence of incremental changes in a reverse order rather than specific 
instructions for deletion. Further, Chamberlain is directed to software patching rather 
than the distribution of security policies. 

In contrast to the cited prior art, amended independent claim 1 recites 
"generating an accumulated reversing delta at the policy manager and sending the 
accumulated reversing delta to the security engine, wherein the accumulated reversing 
delta comprises a sequence of incremental changes in a reverse order". For at least 
these reasons, amended independent claim 1, and amended independent claims 7, 21, 
26, 30 and 31 , which recite similar limitations, should now be allowable over the cited 
prior art. The remaining claims depend from one of the above independent claims and 
should also be allowable for at least the above reasons. 



U.S. Patent Application No. 10/017,368 
Page 13 of 14 



Conclusion 

Applicants respectfully requests favorable action in connection with this 
application. 

The Examiner is invited and urged to contact the undersigned to discuss any 
matter concerning this application. 

A one month extension of time fee is required for this submission. Should any 
other fee be required, the Commissioner is authorized to charge any such fee to 
Counsel's Deposit Account 50-2222. 



Respectfully submitted, 



Date: August 20, 2009 /Barry S. Goldsmith/ 

Barry S. Goldsmith 
Attorney for Applicants 
Registration No. 39,690 
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